<?php
$userid=$_POST['number'];
$username=$_POST['username'];
$password=$_POST['password'];

if ($userid == 16137030 and $username == '莫智焱' and $password == '16S137030'){
    header("Location:index.php");
}
else{
    $conn = new mysqli("localhost", "root", "123", "commission");
    if ($conn->connect_error) {
        die("服务器连接失败: " . $conn->connect_error);
    }
    $result = $conn->query("SELECT name, password FROM userinformation WHERE id= '" .$userid. "'");
    if ($result->num_rows <= 0) {
        echo "<script> alert('编号查找失败，请核对后重新输入');history.back(); </script>";
        $conn->close();
    }
    else {
        $row = mysqli_fetch_array($result);
        if($username !== $row['name'] or $password !== $row['password']){
            echo "<script> alert('编号已经存在但与姓名或密码不匹配，请核对后重新输入');history.back(); </script>";
            $conn->close();
        }
        else{
            session_start();
            $_SESSION['name']=$username;
            $_SESSION['userid']=$userid;
            header("Location:submit.php");
            $conn->close();
        }
    }
}

?>